Update control plane manifests and add etcd metrics

* Enable etcd v3.3 metrics to expose metrics for scraping by Prometheus * Use k8s.gcr.io instead of gcr.io/google_containers * Add flexvolume plugin mount to controller manager * Update kube-dns from v1.14.8 to v1.14.9
2018-04-08 15:42:45 -07:00 · 2018-04-08 15:42:45 -07:00 · f990473cde
parent 8523a086e2
commit f990473cde
7 changed files with 19 additions and 6 deletions
--- a/aws/fedora-atomic/kubernetes/bootkube.tf
+++ b/aws/fedora-atomic/kubernetes/bootkube.tf
@ -1,6 +1,6 @@
 # Self-hosted Kubernetes assets (kubeconfig, manifests)
 module "bootkube" {
-  source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=61fb176647e15d4d0e72fdccb34d27e47430407c"
+  source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=33e00a6dc5cdf2744b0f607329c1566ae8e5fde9"
  cluster_name          = "${var.cluster_name}"
  api_servers           = ["${format("%s.%s", var.cluster_name, var.dns_zone)}"]
--- a/aws/fedora-atomic/kubernetes/cloudinit/controller.yaml.tmpl
+++ b/aws/fedora-atomic/kubernetes/cloudinit/controller.yaml.tmpl
@ -8,6 +8,7 @@ write_files:
      ETCD_INITIAL_ADVERTISE_PEER_URLS=https://${etcd_domain}:2380
      ETCD_LISTEN_CLIENT_URLS=https://0.0.0.0:2379
      ETCD_LISTEN_PEER_URLS=https://0.0.0.0:2380
      ETCD_LISTEN_METRICS_URLS=http://0.0.0.0:2381
      ETCD_INITIAL_CLUSTER=${etcd_initial_cluster}
      ETCD_STRICT_RECONFIG_CHECK=true
      ETCD_TRUSTED_CA_FILE=/etc/ssl/certs/etcd/server-ca.crt
@ -91,7 +92,7 @@ bootcmd:
  - [setenforce, Permissive]
 runcmd:
  - [systemctl, daemon-reload]
-  - "atomic install --system --name=etcd quay.io/dghubble/etcd:99f87f9245ef2b2104fe2fc3550c21327b5a980f"
+  - "atomic install --system --name=etcd quay.io/dghubble/etcd:0265e6680d2533f3fbf4512af868d29ff07451ca"
  - [systemctl, start, --no-block, etcd.service]
  - "atomic install --system --name=kubelet quay.io/dghubble/kubelet:d97cd9265ef6f6d0d9aab54ad9f66d4f5daaf397"
  - [systemctl, start, --no-block, kubelet.service]
--- a/aws/fedora-atomic/kubernetes/security.tf
+++ b/aws/fedora-atomic/kubernetes/security.tf
@ -51,6 +51,16 @@ resource "aws_security_group_rule" "controller-etcd" {
  self      = true
 }
 resource "aws_security_group_rule" "controller-etcd-metrics" {
  security_group_id = "${aws_security_group.controller.id}"
  type                     = "ingress"
  protocol                 = "tcp"
  from_port                = 2381
  to_port                  = 2381
  source_security_group_id = "${aws_security_group.worker.id}"
 }
 resource "aws_security_group_rule" "controller-flannel" {
  security_group_id = "${aws_security_group.controller.id}"
--- a/bare-metal/fedora-atomic/kubernetes/bootkube.tf
+++ b/bare-metal/fedora-atomic/kubernetes/bootkube.tf
@ -1,6 +1,6 @@
 # Self-hosted Kubernetes assets (kubeconfig, manifests)
 module "bootkube" {
-  source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=61fb176647e15d4d0e72fdccb34d27e47430407c"
+  source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=33e00a6dc5cdf2744b0f607329c1566ae8e5fde9"
  cluster_name          = "${var.cluster_name}"
  api_servers           = ["${var.k8s_domain_name}"]
--- a/bare-metal/fedora-atomic/kubernetes/cloudinit/controller.yaml.tmpl
+++ b/bare-metal/fedora-atomic/kubernetes/cloudinit/controller.yaml.tmpl
@ -8,6 +8,7 @@ write_files:
      ETCD_INITIAL_ADVERTISE_PEER_URLS=https://${domain_name}:2380
      ETCD_LISTEN_CLIENT_URLS=https://0.0.0.0:2379
      ETCD_LISTEN_PEER_URLS=https://0.0.0.0:2380
      ETCD_LISTEN_METRICS_URLS=http://0.0.0.0:2381
      ETCD_INITIAL_CLUSTER=${etcd_initial_cluster}
      ETCD_STRICT_RECONFIG_CHECK=true
      ETCD_TRUSTED_CA_FILE=/etc/ssl/certs/etcd/server-ca.crt
@ -96,7 +97,7 @@ bootcmd:
  - [setenforce, Permissive]
 runcmd:
  - [systemctl, daemon-reload]
-  - "atomic install --system --name=etcd quay.io/dghubble/etcd:99f87f9245ef2b2104fe2fc3550c21327b5a980f"
+  - "atomic install --system --name=etcd quay.io/dghubble/etcd:0265e6680d2533f3fbf4512af868d29ff07451ca"
  - [systemctl, start, --no-block, etcd.service]
  - [hostnamectl, set-hostname, ${domain_name}]
  - "atomic install --system --name=kubelet quay.io/dghubble/kubelet:d97cd9265ef6f6d0d9aab54ad9f66d4f5daaf397"
--- a/digital-ocean/fedora-atomic/kubernetes/bootkube.tf
+++ b/digital-ocean/fedora-atomic/kubernetes/bootkube.tf
@ -1,6 +1,6 @@
 # Self-hosted Kubernetes assets (kubeconfig, manifests)
 module "bootkube" {
-  source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=61fb176647e15d4d0e72fdccb34d27e47430407c"
+  source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=33e00a6dc5cdf2744b0f607329c1566ae8e5fde9"
  cluster_name          = "${var.cluster_name}"
  api_servers           = ["${format("%s.%s", var.cluster_name, var.dns_zone)}"]
--- a/digital-ocean/fedora-atomic/kubernetes/cloudinit/controller.yaml.tmpl
+++ b/digital-ocean/fedora-atomic/kubernetes/cloudinit/controller.yaml.tmpl
@ -8,6 +8,7 @@ write_files:
      ETCD_INITIAL_ADVERTISE_PEER_URLS=https://${etcd_domain}:2380
      ETCD_LISTEN_CLIENT_URLS=https://0.0.0.0:2379
      ETCD_LISTEN_PEER_URLS=https://0.0.0.0:2380
      ETCD_LISTEN_METRICS_URLS=http://0.0.0.0:2381
      ETCD_INITIAL_CLUSTER=${etcd_initial_cluster}
      ETCD_STRICT_RECONFIG_CHECK=true
      ETCD_TRUSTED_CA_FILE=/etc/ssl/certs/etcd/server-ca.crt
@ -110,7 +111,7 @@ bootcmd:
  - [setenforce, Permissive]
 runcmd:
  - [systemctl, daemon-reload]
-  - "atomic install --system --name=etcd quay.io/dghubble/etcd:99f87f9245ef2b2104fe2fc3550c21327b5a980f"
+  - "atomic install --system --name=etcd quay.io/dghubble/etcd:0265e6680d2533f3fbf4512af868d29ff07451ca"
  - [systemctl, start, --no-block, etcd.service]
  - [systemctl, enable, cloud-metadata.service]
  - "atomic install --system --name=kubelet quay.io/dghubble/kubelet:d97cd9265ef6f6d0d9aab54ad9f66d4f5daaf397"